Download Latest Version Wazuh v4.13.1 source code.zip (22.7 MB)
Email in envelope

Get an email when there's a new version of Wazuh

Home / v4.13.0
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2025-09-18 7.9 kB
0
Wazuh v4.13.0 source code.tar.gz 2025-09-18 18.8 MB
0
Wazuh v4.13.0 source code.zip 2025-09-18 22.7 MB
1 1 weekly downloads
Totals: 3 Items   41.5 MB 1

Manager

Added

  • Added Analysisd ability to do a hot ruleset reload. (#29458)
  • Added support for global queries of FIM and system inventory data. (#27894)
  • Added sanity checks for hotfix values in Vulnerability Detector. (#30504)

Fixed

  • Fixed missing agent version handling in Vulnerability Detector. (#29181)
  • Fixed race condition in agent status synchronization between worker and master. (#29624)
  • Fixed agent-group assignment for missing agents with improved error handling. (#30534)
  • Fixed missing OS info updates in global inventory after first scan. (#30818)
  • Fixed wazuh-db failure during agent restarts by updating the restart query to use HTTP. (#31048)
  • Fixed DFM graceful shutdown. (#30627)
  • Fixed inode field as string in FIM JSON messages to ensure schema consistency. (#30718)
  • Fixed duplicate OS vulnerabilities detected due to inventory after OS version change. (#30837)

Changed

  • Improved reports functionality to avoid duplicated daily FIM reports. (#29232)
  • Optimized agent query endpoints. (#29363)
  • Implemented RBAC resource cache with TTL support. (#29406)
  • Improved Wazuh-DB protocol to support large HTTP requests and remove pagination. (#29514)
  • Added HTTP client implementation to wazuh-db. (#29515)
  • Separated control messages from the connection handling in remoted. (29153)
  • Added capability to re-index CVEs if documents have changed in Vulnerability detector. (#29916)
  • Improved exception handling in run_local SDK funcition. (#30851)
  • Improved Authd connection management using epoll for better handling of concurrent agent registration requests. (#29135)
  • Added single writer buffer manager instance for each indexer connector instances. (#31114)
  • Disabled FIM Global Queries. (#31856))

Agent

Added

  • Added support for Rocky Linux and AlmaLinux in the agent upgrade module. (#29391)
  • Added handling of CentOS 9 SCA files in package specs. (#29393)
  • Added SCA support for Oracle Linux 10. (#29139)
  • Added Rootcheck rule to detect root-owned files with world-writable permissions. (#30556)
  • Added Ms-Graph token validation before performing requests. (#30377)
  • Added support for UTF-8 characters in file paths for FIM. (#30763)

Fixed

  • Fixed incorrect handling of events in the Custom logs bucket. (#29312)
  • Fixed download Azure's blob race condition. (29317)
  • Fixed FIM reports false files. (#28962)
  • Fixed IPv6 address format reported by WindowsHelper. (#29502)
  • Fixed hidden port detection and netstat availability handling. (#29561)
  • Replaced select() with sleep() in Logcollector to prevent errors during Docker deployment. (#29905)
  • Fixed NetNTLMv2 exposure by filtering UNC paths and mapped drives in Windows agent. (#30060)
  • Fixed Windows agent not starting after manual upgrade by deferring service start to post-install. (#29820)
  • Fixed the loss of precision of the FIM inode field at values higher than 2ˆ53. (#30552)
  • Fixed expanded file list in logcollector getconfig output. (#30614)
  • Fixed authd.pass ACL permissions to match client.keys security level in Windows agent installer. (#31187)

Changed

  • Improved agent synchronization to reduce redundant payload transfers. (#29426)
  • Improved Syscollector to report only Python packages managed by dpkg. (#28688)
  • Improved wazuh-db JSON handling performance by updating external dependencies. (#29399)
  • Improved Azure module logging capabilities. (#29930)
  • Improved restart on macOS agents after an upgrade. (#29940)
  • Standarized different services timeouts. (#29443)
  • Removed internal_key from queries filters. (#30637)

RESTful API

Added

  • Added the server uuid to the /manager/info endpoint. (#29524)
  • Added /agents/summary endpoint. (#29589)
  • Added ruleset reload endpoints. (#31459)

Fixed

  • Fixed false positive in configuration uploading. (#28962)
  • Fixed sorting by version in agent list endpoint. (#29166)

Ruleset

Added

  • Added SCA content for CentOS Stream 9. (#29269)
  • Added IOCs and rules for Wazuh 4.x ruleset improvement. (#29653)
  • Added SCA content for Oracle Linux 10. (#29139)
  • Added rule to minimize event flooding from Windows events on the Wazuh manager. (#28790)

Changed

  • Fixed bugs in Microsoft Windows 11 Enterprise SCA policy. (#5648)
  • Fixed multiple checks in RHEL 9, RHEL 10, Rocky Linux 8 and Rocky Linux 9 SCA policies. (#29040)
  • Fixed diff causing false negatives in rootcheck. (#28982)
  • Fixed multiple RHEL 8 and CentOS 7 SCA checks generating incorrect results. (#28711)
  • Fixed false positives in Benchmark Ubuntu 24.04. (#30827)

Other

Changed

  • Updated Python dependencies: setuptools, Jinja2, and PyJWT. (#29610)
  • Upgraded Python embedded interpreter to 3.10.16. (#28646)
  • Upgraded h11 to 0.16.0 and httpcore to 1.0.9. (#29735)
  • Removed unused Python Azure dependencies. (#28564)
Source: README.md, updated 2025-09-18